Cookies are used on this Website. This is necessary in order to remember your preferences, as well as to
collect analytical data about visits to the Website.
Use of our Website means that you agree to the use of all cookies and analytics of Website visits in
accordance with Bitnewstoday.com's Privacy Policy.

An anonymous hacker managed to transfer EOS 2.09 mln (approximately $7.7 mln) from a hacked account due to a probably failed blacklist update by the EOS block producer (BP), which was signaled in BP EOS42 Telegram channel.

The EOS blockchain contains a function that requires BP to put the hacked accounts to the blacklist. In order for the blacklist to function properly, all TOP-21 BPs should enter a specific account into the list. On February 22, a new producer of EOS blocks, called “games.eos”, probably, did not update the blacklist of EOS accounts, which allowed the hacker to operate.

The security system of cryptocurrency exchange Huobi recorded the movement of assets to their accounts using the data obtained from the blacklist of the EOS Core Arbitration Forum (ECAF). Following that, Huobi froze accounts and related assets, posting a tweet about the incident.

On Feb 22 at 17:35 (GMT+8), the Huobi Security team monitored that #ECAF (EOS Core Arbitration Forum) blacklisted accounts had sudden flow of assets into Huobi accounts. These $EOS accounts have subsequently been frozen, including relevant assets related to these accounts.

Consequently, EOS42 made a proposal to nullify the blacklisted account keys instead of providing veto power to a single BP in the EOS network. According to EOS42, the key nullification option is more efficient and allows to save the account and return it to the rightful owner.